VPC and Networking Flashcards

Q: IP address that costs money even if it's not attached to an EC2 instance or the EC2 instance is stopped
A: Elastic IP

Q: Linked to a region
   Within it we have subnets
A: VPC

Q: Linked to an AZ
   Used to partition your VPC
   Defines public and private scopes
A: Subnet

Q: Defines access to the internet and between subnets
A: Route Table

Q: Range of IP addresses allowed in the VPC
A: CIDR Range

Q: Helps to connect the VPC to the internet
   Public subnets route to this to reach the internet
A: Internet Gateway

Q: AWS-managed gateway or self-managed gateway
   Allows instances in a private subnet to access the internet while still remaining private
A: NAT Gateway & NAT Instances

Q: Firewall that controls traffic to and from a subnet
   Defines Allow and Deny rules; rules reference only IP addresses
A: Network ACL

Q: Firewall that controls traffic to and from an ENI/EC2 instance
   Defines Allow rules only; rules reference IP addresses or other security groups
A: Security Groups

Q: Capture information about IP traffic going into your interfaces
   Their data can be sent to S3, CloudWatch Logs or Kinesis Data Firehose
A: VPC Flow Logs

Q: To connect two VPCs privately using the AWS network
   IP address ranges must not overlap
A: VPC Peering

Q: To access AWS services from a private subnet within a private network
   Two types:
   VPC Gateway Endpoint - connects to S3 or DynamoDB
   VPC Interface Endpoint - connects to all other AWS services
A: VPC Endpoints

Q: Allows services running in your VPC to be exposed to other VPCs privately
   Add a Network Load Balancer on premise
   Add an Elastic Network Interface in the AWS VPC
A: AWS PrivateLink

Q: Connect an on-premises DC with a VPC on AWS over the public internet, but encrypted
   Add a Customer Gateway on premise
   Add a Virtual Private Gateway in the VPC
   Connect both using a Site-to-Site VPN
A: Site-to-Site VPN

Q: Connect an on-premises DC with a VPC on AWS over a private network using a physical connection
A: Direct Connect (DX)